11/10/2023

New ETAS tool for security testing available

ESCRYPT CycurFUZZ detects security vulnerabilities quickly and accurately

Bugs – not only do they lurk in the Paris Metro, but they can also cause trouble in your ECU software. Finding these software bugs and proving the robustness of the software poses significant challenges for OEMs and suppliers – not least since international regulations such as UN R-155 and ISO/SAE 21434 mandate cybersecurity testing for vehicle systems.

ETAS now offers a solution for this: The new ESCRYPT CycurFUZZ fuzzing tool makes it possible, from now on, to check and improve the software quality and robustness of the cybersecurity of their products. Fuzzing has become an established test method in the automotive industry and is explicitly recommended in ISO/SAE 21434 to validate the robustness and cyber resilience of vehicle systems and to detect vulnerabilities at an early stage. CycurFUZZ is based on the many years of experience held by the Fuzz team at ETAS. With ESCRYPT CycurFUZZ, ETAS is presenting an innovative solution that allows several ECUs to be fuzzed at the same time, therefore saving considerable time. In doing so, the fuzzing tool from ETAS sets new standards in terms of speed and error detection.

In fact, a test with similar tools on the market showed that ESCRYPT CycurFUZZ's process speed is up to 8.5 times faster thanks to dynamic timing and automatic handling of test exceptions. Furthermore, ESCRYPT CycurFUZZ uncovers between 66 and 600 percent more safety-related vulnerabilities and other undetected defects in software than other tools because it fully complies with automotive protocol specifications. The tool can be used individually or as part of the comprehensive ETAS SiL test solution.

CycurFUZZ Fuzz-Testing Speed
Result of the fuzzing speed comparison
CycurFUZZ detection confirmed defects
Result of the error detection rate comparison

In this way, ESCRYPT CycurFUZZ opens up entirely new opportunities for OEMs and suppliers in the field of cybersecurity testing: "With CycurFUZZ, we have found bugs in software that we have been developing for 10 years and could not find with our previous testing strategy" – automotive customer.

Also available in our Newsroom